The Cerberus trojan just got a notable upgrade. What measures can be taken by app developers?

New research from the security company ThreatFabric reveals some concerning developments in the shady world of mobile malware. The Cerberus banking malware has received notable upgrades from its creators. The malware now has RAT (Remote Access Trojan) capabilities which can unlock a set of “features” for those that opt to use it. By abusing the Accessibility services, the malware can record user’s unlock credentials such as users PIN or swipe pattern.

Stealing OTPs generated through Google Authenticator

As some of you asked in the past, yes, Android malware can possibly steal Google Authenticator’s 2FA codes by misusing accessibility services

What’s also worrying, is that even Google Authenticator’s 2FA codes can be stolen by the malware. Google Authenticator is a popular app allows users to easily add an extra security layer.

According to the report, the upgraded Cerberus malware can even set up a TeamViewer link so that the hackers can comfortably operate the victim’s phone when it’s not being used. That means text messages, social media accounts and photos are all exposed as well.

ThreatFabric researchers believe the Cerberus trojan will most likely use this feature to bypass Authenticator-based 2FA protections on online banking accounts, but there’s nothing stopping hackers from bypassing Authenticator-based 2FA on other types of accounts.

What measures can be taken by app developers?

What we all know, is that hight value apps cannot rely on OS security features alone. Accessibility services on Android are currently one of the weakest points of the operating system from the security standpoint.

So, to make sure your app is secure, a piece of good advice is to protect it with advanced In-App Protection capabilities. Promon SHIELD™ protects your apps against shady malware that aims to steal sensitive user data from your apps by abusing the accessibility services.

We use cookies on this site to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. AcceptRead More

Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.